× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3ad777e61b816f9de974af71c70b11610e3d42c27a47572cd6bd652983e08eb5
File name: Potato.exe
Detection ratio: 0 / 54
Analysis date: 2016-01-19 08:00:39 UTC ( 1 year, 3 months ago ) View latest
Antivirus Result Update
Ad-Aware 20160119
AegisLab 20160119
Yandex 20160118
AhnLab-V3 20160119
Alibaba 20160119
ALYac 20160119
Antiy-AVL 20160119
Arcabit 20160119
Avast 20160119
AVG 20160119
Avira (no cloud) 20160119
Baidu-International 20160118
BitDefender 20160119
Bkav 20160118
ByteHero 20160119
CAT-QuickHeal 20160119
ClamAV 20160118
CMC 20160111
Comodo 20160119
Cyren 20160119
DrWeb 20160119
Emsisoft 20160119
ESET-NOD32 20160119
F-Prot 20160119
F-Secure 20160119
Fortinet 20160119
GData 20160119
Ikarus 20160119
Jiangmin 20160119
K7AntiVirus 20160119
K7GW 20160119
Kaspersky 20160119
Malwarebytes 20160119
McAfee 20160119
McAfee-GW-Edition 20160119
Microsoft 20160119
eScan 20160119
NANO-Antivirus 20160119
nProtect 20160119
Panda 20160118
Qihoo-360 20160119
Rising 20160119
Sophos 20160119
SUPERAntiSpyware 20160119
Symantec 20160118
Tencent 20160119
TheHacker 20160119
TrendMicro 20160119
TrendMicro-HouseCall 20160119
VBA32 20160117
VIPRE 20160119
ViRobot 20160119
Zillya 20160118
Zoner 20160119
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © Microsoft 2015

Product Potato
Original name Potato.exe
Internal name Potato.exe
File version 1.0.0.0
Description Potato
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-12-14 19:59:01
Entry Point 0x0000635E
Number of sections 3
.NET details
Module Version ID 0542e44e-9bb1-476f-b2d5-27315266225e
TypeLib ID b98c9d27-813b-4fba-8e80-76d23e63dc2f
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
2048

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
11.0

EntryPoint
0x635e

OriginalFileName
Potato.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright Microsoft 2015

FileVersion
1.0.0.0

TimeStamp
2015:12:14 20:59:01+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Potato.exe

ProductVersion
1.0.0.0

FileDescription
Potato

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft

CodeSize
17408

ProductName
Potato

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

Compressed bundles
File identification
MD5 10091b96f63399ec912c62ee12bd5a79
SHA1 eb6dd8def6ff0aeea3f46edd9864ac1948161692
SHA256 3ad777e61b816f9de974af71c70b11610e3d42c27a47572cd6bd652983e08eb5
ssdeep
384:eWOOrFQaC00rTF3da4fE5OEU9EJAtNY8q0wmOLWW:hOOrF0PCrk9EJA88qWO9

authentihash 2ea667b3c2420123ece25cddeef4698240c4f3baefa49618e0bc5cd7adf1e1af
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 19.5 KB ( 19968 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-01-17 18:44:32 UTC ( 1 year, 3 months ago )
Last submission 2016-01-19 08:00:39 UTC ( 1 year, 3 months ago )
File names Potato.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!